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LISTING OF THE CLAIMS 

Claim 1 (Currently Amended): A digital rights management system for controlling the 
distribution of digital content to player applications, the system comprising: 

a verification system to validate the integrity of the player applications^__Mid 
including a certificate generator for generating a certificate after inspecting the plaver 
application code and determining that a certain required property has been met by said 
code: 

a trusted content handler to decrypt content and to transmit the decrypted content to 
the player applications, using an extension mechanism defined by the application, and to 
enforce usage rights associated with the content; and 

a user interface control module to ensure that the user interaction with the player 
applications does not violate the usage rights; 

wherein components of the verification system, the trusted content handler, and 
user interface control module of the digital rights management system operate independ^tly 
fi-om the player application and reside locally in an end-user device having said player 
applications. 

Claim 2 (Original): A digital rigjits management system according to Claim 1, wherein the 
verification system includes an off-line verifier to verify that the player applications have 
certain properties, and to issue trust certificates to verify that the player applications have 
said properties. 
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Claim 3 (Original): A digital rights management system according to Claim 2, wherein the 
verification system further includes a verifying launcher for verifying that a particular player 
application is certified as a trusted application before digital content is transmitted to said 
particular player application. 

Claim 4 (Original): A digital rights management system according to Claim 1, wherein the 
player applications request protected content, and the trusted content handler includes an 
authenticator to verify that a player application that requests protected content has been 
authorized by the verification system to access the requested, protected content. 

Claim 5 (Original): A digital rights management system according to Claim 1 , wherein a user 
interface control module traps user interface related messages generated as a result of user 
interactions with player applications, blocks messages that lead to usage rights violations, 
and passes through other messages to the player applications. 

Claim 6 (Currently Amended): A digital rights management method for controlling the 
distribution of digital content to player applications, the method comprising the steps: 

providing a verification system to validate the integrity of the player applications;, 
said vCTification svstem including a certificate generator for generating a certificate after 
inspecting the plaver application code and determining that a certain required property has 
been met bv said code : 
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using a trusted content handler to decrypt content and to transmit the decrypted 
content to the player applications, using an extension mechanism defined by the applications, 
and to enforce usage rights associated with the content; and 

providing a user interface control module to ensure that the user interaction with 
player applications does not violate the usage rights; 

wherein components of the verification system, the trusted content handler, and user 
interface control module of the digital rights management system operate independently fix>m 
the player application and reside locally in an end-user device having said player 
applications. 

Claim 7 (Original): A method according to Claim 6, wherein the step of providing a 
verification system includes the step of providing an off-line verifier to verify that the player 
applications have certain properties, and to issue trust certificates to verify that the player 
applications have said prop^ties. 

Claim 8 (Original): A method according to Claim 7, wherein the step of providing a 
verification system further includes the step of providing a verifying launcher for verifying 
that a particular player application is certified as a trusted application before digital content is 
transmitted to said particular player application. 

Claim 9 (Original): A method according to Claim 6, wherein the player applications request 
protected content, and the step of using the trusted content handler includes the step of using 
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an authenticator to verify that a player application that requests protected content has been 
authorized by the verification system to access the requested, protected content. 

Claim 10 (Currently Amended): A program storage device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method for 
controlling the distribution of digital content to player applications, the method steps 
comprising: 

using a verification system to validate the integrity of the player application s^ said 
verification system including a certificate generator for generating a certificate after 
inspecting the player application code and determining that a certain required property has 
been met by said code: 

using a trusted content handler to decrypt cont^t and to transmit the decrypted 
content to the player applications, using an extension mechanism defined by the applications, 
and to enforce usage rights associated with the content; and 

using a user interface control module to ensure that the user interaction with player 
applications does not violate the usage rights; 

wherein components of said verification system, the trusted content handler, and user 
interface control module operate independently firom the player applications and reside 
locally in an end-user device having said player applications. 

Claim 11 (Original): A program storage device according to Claim 10, wherein the step of 
using the verification s>^tem includes the step of using an off-line verifier to verify that the 
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player applications have certain properties, and to issxie trust certificates to verify that the 
player applications have said properties. 

Claim 12 (Original): A program storage device according to Claim 1 1, wherein the step of 
using the verification system further includes the step of using a verifying launcher for 
verifying that a particular player application is certified as a trusted application before digital 
content is transmitted to said particular player application. 

Claim 13 (Original): A program storage device according to Claim 10, wherein the player 
applications request protected content, and the step of using the trusted content handler 
includes the step of using an authenticator to verify that a player application that requests 
protected content has been authorized by the verification system to access the requested, 
protected content 

Claim 14 (Currently Amended): A code identity and integrity verification system, 
comprising: 

a certificate generator for receiving applications, for d e t e rmini ng inspecting the 
a pplications code to determine if the applications code exhibit a predefined property, and for 
issuing a trust certificate for each of the applications that exhibits the predefined property; 

a certificate repository for receiving and storing trust certificates issued by the 
certificate generator; 
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an off-line a code verifier for to analyze program code of a particular player 
application to determine whether said particular player application is certified as a trusted 
application before digital content is transmitted to said particular player application; and 

an authenticator for receiving requests, using an extension mechanism defined by the 
applications, to verify that a player application that requests protected content has been 
authorized by the verification system to access the requested, protected content. 

Claim 1 5 (Original): A code identify and integrity verification system according to Claim 14, 
wherein the code verifier is responsible for launching the player application and verifying the 
identity and integrity of the code using the information in the trust certificate before 
laxmching the application; the launch procedure returning process identification information, 
which the code verifier records internally; the authenticator commimicating the same or other 
process identification information concerning its own process, which it obtains from system 
service calls, to the code verifier at the time the application requests content fi-om the 
authenticator; the code verifier matching this process identification information against the 
process identification information it recorded; the code verifier returning a code indicatuig 
whether the process was verified or not. 

Claim 16 (Original): A code identity and integrity verification system according to Claim 14, 
wherein the code verifier receives fi-om the authenticator process identification information at 
the time the player application calls the authenticator; the code verifier querying the 
operating system with the process identification information or the file names of all modules 
loaded for that process; the code verifier using the information in the trust certificate to verify 
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the identity and integrity of the code modules; returning a code indicating whether the 
process was verified or not. 

Claim 17 (Original): A code identity and integrity verification system according to Claim 14, 
wherein the trust certificate includes: 

a program identifier identifying said one of the applications; 

a property name identifying an attribute certified by the trust certificate; 

a code digest of the one application; 

a digital signature containing a secret key of the appHcation certifier, and 
a certifier identification containing a public key of the application certifier. 

Claim 18 (Currently Amended): A method for verifying the identity and integrity of code, 
comprising the steps: 

using a certificate generator for receiving applications, for d e termining inspecting the 
a pplications code to determine if the applications code exhibit a predefined property, and for 
issuing a trust certificate for each of the applications that exhibits the predefined property; 

receiving and storing in a certificate repository trust certificates issued by the 
certificate generator, 

using a an off-line code verifier to analyze program code of a particular player 
application to determine whether said particular player application is certified as a trusted 
application before digital content is transmitted to said particular player application; and 
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using an authenticator for receiving requests, using an extension mechanism defined 
by the application, to verify that a player application that requests protected content has been 
authorized by the verification system to access the requested, protected content. 

Claim 19 (Original): A method according to Claim 16, wherein the trust certificate includes: 
a program identifier identifying said one of the applications; 
a property name identifying an attribute certified by the trust certificate; 
a code digest of the one application; 

a digital signature containing a secret key of the application certifier; and 
a certifier identification containing a public key of the application certifier. 

Claim 20 (Previously Presented): A program stomge device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
verifying, out of process, the identity of code, said method steps comprising: 

using a certificate generator for receiving applications, for determining if the 
applications exhibit a predefined property, and for issuing a trust certificate for each of the 
applications that exhibits the predefined property; 

receiving and storing in a certificate repository trust certificates issued by the 
certificate generator; 

using ft an off-line code verifier to analyze program code of a particular player 
application to determine whether said particular player application is certified as a trusted 
application before digital content is transmitted to said particular player application; and 
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using an authenticator for receiving requests, using an extension mechanisna defined 
by the application, to verify that a player application that requests protected content has been 
authorized by the vaification system to access the requested, protected content. 

Claim 21 (Original): A program storage device according to Claim 20, wherein the trust 
certificate includes: 

a program identifier identifying said one of the applications; 

a property name identifying an attribute certified by the trust certificate; 

a code digest of the one application; 

a digital signature containing a secret key of the application certifier, and 
a certifier identification containing a public key of the application certifier. 
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